Ask Your Question
0

Decode as LUA - how do I do that?

asked 2017-11-21 21:26:48 +0000

Stevod gravatar image

updated 2017-11-22 02:20:17 +0000

Guy Harris gravatar image

I am using a third party LUA dissector (which I know works, as I have previously used the same file successfully with Wireshark a few months ago).

Unfortunately, this time around the decode does not happen, and the TCP payload is just shown as the raw hex data, instead of parsed and decoded values as provided by the dissector file.

I seem to remember that last time round, I set Decode As... to use the LUA dissector for the specific port, but this time round the LUA dissector does not appear in the "Decode As" list of protocols, and I can see no way of adding it, so I can't set it for the specific port I need to decode.

I'd upload a screenshot but apparently I need 60 points to do so. Both the protocol (MAVLINK_PROTO) and the LUA_Dissector appear in the Internals>Supported Protocols, and it's enabled under Enabled Protocols, and I've checked that a LUA file runs using -X lua_script:hello.lua, as suggested in the wireshark docs.

Can anybody suggest what else I need to do?

I'm running wireshark-GTK 2.2.6 on Ubuntu 16.04.

Thanks, Stevod

edit retag flag offensive close merge delete
add a comment

1 Answer

Sort by ยป oldest newest most voted
0

answered 2017-11-22 20:57:09 +0000

Stevod gravatar image

updated 2017-11-22 20:59:04 +0000

Problem resolved: 1. There's a bug in the LUA script that causes it to fail, which I have fixed. 2. The script is written to sniff for traffic over UDP, whereas I am using it to sniff over TCP. Hence I changed the script to reflect that.

edit flag offensive delete link more

Comments

Hi, can you point me to how you solved the first issue? I am trying to decode UDP data as TCP for a project and my Wireshark 1.12.1 on Debian does not seem to allow me to do so when I go into the "Decode As..." menu. Basically, TCP does not appear as a protocol for the transport layer. However, I can do it on Wireshark 2.4.2 on Mac OS 10.12.6. Any help is much appreciated. Thanks!

sharknando gravatar imagesharknando ( 2017-12-20 14:40:53 +0000 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2017-11-21 21:26:48 +0000

Seen: 1,617 times

Last updated: Nov 22 '17

Related questions

how to invert two bytes in lua script dissector ?

Adjusting Bit order and Endianess in LUA between Dissectors

Error while creating a Lua listener in 2.4.2 with filter

Lua Dumper to variable

http2 decrypted data in tshark lua script

LUA: dissector wide global table

Reuse (part of) a Wireshark Dissector

Any way to use cmd tshark for a gns3 wire?

how to change COL_PROTOCOL with lua code

Use UDS dissector inside DoIP dissector

Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2